| E-Government is a system engineering which makes the governmental work be standardized, serviced, informationed, netted and opened, use the computer and network to manage and maintain the daily work. The security of E-Government is a security system which contains the technology, management and organization. From the point of technology, the safety refers to four layers: the physical layer, the network layer, the system layer and the application layer, which includes many contents such as network insulation, safety detection and monitoring, safety audit, identity certification and access control, data copy and recovery.Starting with the application layer of safety system, this paper researches the safety of E-Government resources, proposes a safety solution of application system based-on J2EE, having identity certification and access control. This paper researches and implements to some extent for customer identity certification, access control and authority management.The identity certification adds One-Time Password certification to the traditional form-certification, and replaces stored password with stored digest of user password to strengthen the safety of certification. Based-on RBAC, the access control and authority management can accomplish united authority management and scrupulous access control by applying role pattern and proxy pattern. Based-on J2EE, this paper is implemented with some safety , flexibility and extensibility by using One-Time Password certification and RBAC.This paper introduces the E-Government security , the technology of identity certification and access control, discusses the design and implementation mainly for the entire system. In the end, this paper pointed out some things need to be perfected, and made a sum-up of the paper. |
PDF Full Text Request